Sign in with
Sign up | Sign in

Don't Use NSA-Influenced Code in Our Products, Security Company Warns

By - Source: Tom's Guide US | B 11 comments
Tags :

The National Security Agency (NSA) has sabotaged at least one of the security standards used to secure many online and offline transactions, according to a Sept. 5 New York Times article.

Which standards? The Times didn't reveal the names, but Tom's Guide and several others speculated that one of them was an algorithm called Dual_EC_DRBG, used to generate random numbers for encryption purposes.

RSA Security clearly agrees. In an emailed advisory, the computer and network security company warned its developer community not to use Dual_EC_DRBG, which is an option in many of its developer tool kits and the default selection in one of them.

To "ensure a high level of assurance in their application, RSA strongly recommends that customers discontinue use of Dual_EC_DRBG and move to a different [algorithm]," RSA wrote.

MORE: 13 Security and Privacy Tips for the Truly Paranoid

"Under no circumstances does RSA design or enable any backdoors in our products," RSA Security said in a statement on its website.

Dual_EC_DRBG is not in any of RSA Security's SecurID identification key fobs, which are commonly used to verify users logging in to corporate and government VPNs.

It should also be noted that RSA Security is different than the encryption algorithm known as RSA, which many websites use to encrypt their visitors' connections.

Dual_EC_DRBG was co-developed by the NSA. In 2006, the algorithm was published as a standard by the National Institute of Standards and Technology (NIST), a branch of the U.S. Department of Commerce that reviews and publishes standard practices for governmental organizations.

All of NIST's standards are publicly reviewed by field experts, and many nongovernmental organizations — RSA Security among them — use NIST's standards because of their high quality.

Dual_EC_DRBG passed NIST's original public review period, but in 2007, two Microsoft researchers found a "backdoor" in the algorithm, meaning that the algorithm was written in such a way that anyone with a certain passcode could predict what numbers the algorithm would generate.

"We have no way of knowing whether the NSA knows the secret numbers that break Dual_EC_DRBG," wrote security expert Bruce Schneier in a 2007 Wired op-ed, though, in the same piece, he also noted that Dual_EC_DRBG was slower than other available methods and was "in the standard only because it's been championed by the NSA."

Despite these warnings, Dual_EC_DRBG became widely adopted. NIST maintains a list of companies that currently use Dual_EC_DRBG in their products, and it includes BlackBerry, Juniper Networks and Cisco Systems.

A spokeswoman for Cisco Systems said she would "check into this."

RSA Security is the first company to come out against using a NIST-endorsed security standard, but it probably won't be the last.

NIST maintains that it does not know of any NSA-created backdoors in its standards. "NIST would not deliberately weaken a cryptographic standard," the agency said in a Sept. 10 statement on its website.

However, on Sept. 9, NIST reopened Dual_EC_DRBG for public review, and recommended that the algorithm not be used until the review process is concluded.

Understandably, many cryptographers aren't ready to take NIST's word for it.

"We'll have to re-evaluate that relationship," cryptographer Matthew Green of Johns Hopkins University wrote on his blog. "While the possibility of a backdoor in any of [NIST's] components does seem remote, trust has been violated."

Email jscharr@techmedianetwork.com or follow her @JillScharr. Follow us @TomsGuide, on Facebook and on Google+.

Display 11 Comments.
This thread is closed for comments
Top Comments
  • 11 Hide
    MajinCry , September 20, 2013 1:03 PM
    National security? Please.

    It's just a way to stop people from revolting. You know how the Government talks about terrorists? Well, the founding fathers would be deemed terrorists from whence they came. Yet they're pictured as freedom fighters.

    I do wonder why the British and American Governments haven't been burnt to rubble and the workers, leaders and managers lynched to death.

    Probably because of that new iPhone. Isn't it amazing!?

    *Mumble Grumble*
Other Comments
  • 5 Hide
    Darkk , September 20, 2013 12:44 PM
    This isn't very surprising since the NSA / govt puts tight restrictions on encryption for the sake of national security. Normally I wouldn't have a problem with this but there is always room for abuse of our privacy so why give them a chance to do it?
  • 11 Hide
    MajinCry , September 20, 2013 1:03 PM
    National security? Please.

    It's just a way to stop people from revolting. You know how the Government talks about terrorists? Well, the founding fathers would be deemed terrorists from whence they came. Yet they're pictured as freedom fighters.

    I do wonder why the British and American Governments haven't been burnt to rubble and the workers, leaders and managers lynched to death.

    Probably because of that new iPhone. Isn't it amazing!?

    *Mumble Grumble*
  • -7 Hide
    ddpruitt , September 20, 2013 1:47 PM
    I seriously doubt it's a backdoor and that RSA's algorithms are that much better. More than likely it's just an error in the algorithm. I haven't seen a single CSPRNG that didn't have bugs the first time around. Getting random right is incredibly hard. If you need further proof just look into RANDU.
  • 0 Hide
    funguseater , September 20, 2013 3:23 PM
    Remember when you could not use pkzip outside the US? Everyone used it but the warning was there, for National Security purposes. The NSA helped to develop this protocol, do you really think they would not add in a backdoor or a way to calculate the used seed. I better add another layer to my tinfoil hat ;) 
  • -6 Hide
    jimmysmitty , September 20, 2013 6:00 PM
    Quote:
    National security? Please.

    It's just a way to stop people from revolting. You know how the Government talks about terrorists? Well, the founding fathers would be deemed terrorists from whence they came. Yet they're pictured as freedom fighters.

    I do wonder why the British and American Governments haven't been burnt to rubble and the workers, leaders and managers lynched to death.

    Probably because of that new iPhone. Isn't it amazing!?

    *Mumble Grumble*


    The difference is that our founding fathers didn't wear suicide vests and bomb innocent civilian populations.

    While they were "terrorists" for their time they were just fighting to be their own country instead of something controlled by a government bent on taxing the crap out of the poorest.

    I have nothing against the government trying to prevent attacks like 9/11 but they are pushing beyond the bounds of our own privacy which is wrong and the NSA really needs to know when to stop.

    But at least we are being warned by the companies what not to use.
  • -1 Hide
    deadmeow , September 21, 2013 11:13 AM
    Ummmm... The Reichstag and 911 were domestic false flags to embolden the domestic tyrannies. Wake up. Common sense.
  • 0 Hide
    shin0bi272 , September 21, 2013 12:07 PM
    sure deadmeow now go back to your corner and make little balls with your turds and eat your crayons.
  • 0 Hide
    shin0bi272 , September 21, 2013 12:07 PM
    sure deadmeow now go back to your corner and make little balls with your poo and eat your crayons.
  • 0 Hide
    shin0bi272 , September 21, 2013 12:09 PM
    god new new comment system is horrible. can someone either give me back the link to the forums so I can fix this myself or delete my duplicate post? lousy POS comment system... *grumble* *grumble*
  • -1 Hide
    TammyHi17765516 , September 21, 2013 1:24 PM
    Only seriously interested people will be warmly welcomed,Thanks,,you have to work using a computer and internet.if you can do that and dedicate some time each day then you can do this with no problem. I have been working with this for a month and have made over $17,000 already. let me know if you need more here you go.
    ------------->>> http://ddp.net/blue48.amp
  • 0 Hide
    rantoc , September 21, 2013 2:20 PM
    And RSA is another American company, who can say if the corrupted fingers of NSA haven't touched them as well? I wont trust American companys to keep my information safe ty!
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter